34 matches found
Stored HTML Injection inside the >>> Request payment >>> Request Customer Data Checkout >>> Request shipping address
Team, I hope you are all doing well. I wanted to bring to your attention a potential vulnerability on the website https://mainnet.demo.btcpayserver.org/stores/6YSiuoN6q1yF2ucWZvWojBuVJAJzXxFFUn9cw8iNPPMC/payment-requests/edit/ec575d56-6b8e-41bd-8b9a-bdcda9c5daad. During my research, I...
Account Takeover and Persistence due to the Oauth Misconfiguration
Team, May you all be well on your side of the screen. While doing some research on the https://cal.com/, I was able to find a Pre-Account Takeover vulnerability. Proof of concept: I have created a video demonstration of the vulnerability and uploaded it to my Google Drive. The link for the...
An attacker can be post message in other memos page
Description: An attacker can post malicious content to another user's memos page via a POST request; the attacker just adds a creatorID into the request body and sends it with Burp Suite. Here is a video PoC: https://drive.google.com/file/d/1dNKo-ybfguam4YdvmluYujN2nkTG5D9G/view?usp=sharelink Proof of Concept...
CVE-2019-1388
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka ‘Windows Certificate Dialog Elevation of Privilege Vulnerability’. Recent assessments: dabdine-r7 at November 20, 2019 6:03pm UTC reported: Given the video showi...
ThunderDNS - Tool To Forward TCP Traffic Over DNS Protocol
This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support. Run Setting up NS records on our domain: Please wait for clearing DNS-cache. Simple server run: python3 ./server.py --domain oversec.ru Simple server run Dockerfile: docker run -e DOMAIN='' Simple client ru...
Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference
Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam CR25iNG - 10.6.3 MR-5 CVE : CVE-2016-7786 Category :...
Intrusion detection penetration magic Burp Suite uncovered a remote code executable flaws vulnerabilities of the bug, the official replied that it evidence is not conclusive-vulnerability warning-the black bar safety net
Recently, the outer Magenta network security staff revealed a video of a remote code execution vulnerability; Burp Suite officials replied on Twitter that the video evidence is not sufficient and could be fabricated. Burp Suite Burp Suite is an...
RED HAWK v2.0.0 - All in one tool for Information Gathering, Vulnerability Scanning and Crawling
RED HAWK is an all-in-one tool for information gathering, SQL vulnerability scanning and crawling. Coded in PHP. Features: Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED Geo-IP Lookup Grab Banners...
404TinyShell connect over Protocol Instance
Document Title: =============== 404TinyShell connect over Protocol Instance References: =========== https://www.vulnerability-lab.com/getcontent.php?id=1984 Video: https://www.youtube.com/watch?v=cQKGT1K8RZU Release Date: ============= 2016-10-14 Vulnerability Laboratory ID VL-ID:...
Hacker Reveals How to Hack Any Facebook Account
Hacking Facebook account is one of the major queries of the Internet user today. It's hard to find — how to hack Facebook account, but an Indian hacker just did it. A security researcher discovered a 'simple vulnerability' in the social network that allowed him to easily hack into any Facebook...
Trend Micro Direct Pass - Bypass & Persistent Vulnerability
Document Title: =============== Trend Micro Direct Pass - Bypass & Persistent Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1688 Video: https://www.youtube.com/watch?v=vXCdjK6O-Pc Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1661 Release...
WordPress Google Adsense 1.29 Cross Site Scripting
Plugin Name : Google Adsense Affected Version : 1.29 and most probably lower versions if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Administrator PoC - Proof of Concept :...
WordPress Contact Form 3.81 Cross Site Scripting
Plugin Details Plugin Name : Contact Form Affected Version : 3.81 and most probably lower versions if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Unauthenticated PoC - Proof of Concept :...
WordPress Symposium 14.05.02 Cross Site Scripting
Plugin Name : WP Symposium Affected Version : 14.05.02 and most probably lower versions if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Unauthenticated PoC - Proof of Concept : The following fields put the payloa...
Beware Coffee Lovers! StarBucks Exposed you to 3 Critical Vulnerabilities
Ever registered on StarBucks website? Change your passwords now! If you are one of those millions of Starbucks customers who have registered their accounts and credit card details on StarBucks website, then your banking details are vulnerable to hackers. An Independent Security Researcher, Mohamed M...
Informatica: [now.informatica.com] Reflective Xss
http://now.informatica.com/endata-integration-for-dummiesbook2642.html?source=Homepage The issue is located here. I will be including a video demonstrating this vulnerability. XSS vector used: xs...
'TweetDeck Teams' Allows Managing Multiple Twitter Accounts Without Sharing Passwords
Many times organizations, companies and groups of people come across the problem when their social media teams have to work within a single Twitter account or maintain multiple twitter accounts. In this case, either they need to use some third party API-based services or they use TweetDeck...
Mail.ru: Same Origin Policy bypass
Hi, After a small investigation I've probably found something that can be exploited to bypass Same Origin Policy on mail.ru services, especially your main domain and e.mail.ru. First of all - let's take a look at your crossdomain.xml both for mail.ru and e.mail.ru: After time spent on searching...
Avira Service - Unvalidated CSRF Token Account Hijacking
Document Title: =============== Avira Service - Unvalidated CSRF Token Account Hijacking References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1301 View: https://www.youtube.com/watch?v=lJR8Hv5JnOI Release Date: ============= 2014-08-28 Vulnerability Laboratory ID VL-ID:...
Mozilla Thunderbird vulnerability allows hackers to Insert malicious code into Emails
Do you use Thunderbird, a free, open-source, cross-platform application for managing email and news feeds? According to a Pakistani Security Researcher from Vulnerability-Lab, a flaw gives an attacker the ability to run code on a user’s machine. Mozilla Thunderbird 17.0.6 email application is...